Islamist Bank Attackers Back in Business

Below:

Next story in Tech and gadgets

The group of Islamist online attackers who disabled the websites
of nearly a dozen American banks in September and October has
announced the resumption of its campaign.

"In new phase, the wideness and the number of attacks will
increase explicitly," say the Izz al-Din al-Qassam Cyber
Brigades, "and offenders and subsequently their governmental
supporters will not be able to imagine and forecast the
widespread and greatness of these attacks."

In a statement posted to Pastebin on Monday
(Dec. 10), the Qassam Cyber Brigades named five banks to be
attacked this week: Bank of America, JP Morgan Chase, PNC
Bank, SunTrust and U.S. Bancorp. None of the banks' websites
were having trouble loading this afternoon (Dec. 12).

All of those banks were among those hit in the original wave of
attacks, which began Sept. 18. Others hit included
BB&T, Capital One, Citigroup, Regions Bank and Wells Fargo.

The Qassam Cyber Brigades, who have taken an
extended vacation since the Islamic holiday of Eid al-Adha at
the end of October, claim their only goal is to have YouTube
entirely remove the "Innocence of Muslims" movie and trailer that
sparked riots across the Islamic world in September.

(The original video has been taken down, but it has been reposted
many times.)

"The implementing of these attacks is because of widespread and
organized offends to Islamic spirituals and holy issues,
especially the great prophet Mohammad (PBUH)," states the
posting. "If this offended film is going to be eliminated from
the Internet, the belonging attacks, also will be stopped."

Two other banks that were attacked in September and October
didn't fit the mold: HSBC, which is a British bank, and Ally
Financial, which is American but which the Qassam Cyber Brigades
never listed as a target and insist they never hit.

"We chose [HSBC] as an American bank," the Qassam Cyber Fighters
say in the latest posting, reproducing an email
exchange with Eduard Kovacs of the Romanian tech blog
Softpedia. "We focused on their U.S. website, but it had also
affected other sites in some degrees."

"We did not attack Ally institute," the responder to the Kovacs
questions adds. "Our attacked targets previously have been
announced in the corresponding statements."

An Anonymous-related group calling itself
Fawkes Security also took credit for the Oct. 18 HSBC attack,
and promised attacks on other British banks that never
materialized. The Qassam Cyber Brigades spokesman considered that
a coincidence.

"Our group doesn't have any connection to Fawkes Security," he
said. "Our attack's simultaneity with their operation has been
completely by chance."

On the surface, the attacks seemed to be classic
distributed denial-of-service (DDoS) attacks, in which many
computers use networking software to flood specific Web servers
with millions of useless requests for data. The servers and their
data are not harmed, but are cut off from the rest of the
Internet.

There have been rumors that the Qassam attacks used new,
especially powerful DDoS methods that leveraged the Internet's
underlying infrastructure, but no one's been willing to specify
exactly how.

In his answers to questioners, the Qassam Cyber Fighters'
spokesman denies anything special is going on.

"We program our needs partially and use work of other programmers
in the software world when we need it," he said. "We are not
reliant on any specific utility for our operations, and we
particularly didn't use [the underground DDoS service]
multiboot.me in our attacks."

Nor is his group connected to Iran, the Qassam spokesman says,
despite the assertions of Sen. Joe Lieberman, I-Conn., and
other
U.S. government figures.

"We are not dependent on any government," he said. "We don't have
connection with any fractional or political structure."